Implementing chroot directory for sftp users

5

I am running OpenSSH64 on a Windows 2012 environment. OpenSSH64 is running and I can access the server. I have modified the sshd_config file with no success.

I have made the following changes: 

Subsystem sftp C:\OpenSSH-Win64\sftp-server.exe 

Match User sftponly-user 
X11Forwarding no 
AllowTcpForwarding no 
ForceCommand internal-sftp 
ChrootDirectory %h

I have also tried 

ChrootDirectory C:\User_Specific_Directory\

We are trying to generate logs to verify that the changes we make in the sshd_config file are being applied. However, we receive the following error in the log: 

3784 11:00:17 087 error: accept: The operation completed successfully.

Does anyone have a working example of chrooting a user to a specific directory?

windowsguy2016

Posted 2016-05-31T16:22:49.910

Reputation: 51

Possible duplicate of openSSH connection reset by peer -- something similar will work on windows too

– Jakuje – 2016-05-31T19:52:44.977

Answers

0

This feature has not been implemented in OpenSSH for Windows (basically because it's hard): https://github.com/PowerShell/Win32-OpenSSH/issues/190

EM0

Posted 2016-05-31T16:22:49.910

Reputation: 1 703

1

FYI, support was added in v7.7.0.0 (https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_server_configuration#chrootdirectory-support-added-in-v7700)

– bfhd – 2019-08-21T22:19:28.517

Asked: 2016-05-31T16:22:49.910

Viewed: 6 120 times

Active: 2020-02-17T18:01:25.360